CVE-2023-22119

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5-14.7. Difficult to exploit vulnerability allows low privileged attacker with network access v...

CVE-2023-22074

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via...

CVE-2023-22074

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via...

DEBIAN-CVE-2023-22081

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

CVE-2023-22071

Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utlhttp privilege with network access via Oracle Net to...

Buffer overflow

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any View, Select Any Table privilege with network...

CVE-2023-22081

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

UBUNTU-CVE-2023-22081

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

CVE-2023-22081

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

PT-2023-6342 · Oracle · Oracle Banking Trade Finance

Name of the Vulnerable Software and Affected Versions: Oracle Banking Trade Finance versions 14.5 through 14.7 Description: The issue is related to insufficient input validation in the Infrastructure component of Oracle Banking Trade Finance, allowing a low-privileged attacker with network access...

PT-2023-6312

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u381, 8u381-perf, 11.0.20, 17.0.8, 21 Oracle GraalVM for JDK versions 17.0.8, 21 Oracle GraalVM Enterprise Edition versions 20.3.11, 21.3.7, 22.3.3 Description The issue is related to a flaw in the JSSE component of th...

PT-2023-6199 · Oracle · Oracle Database Server +2

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.20 Oracle Database Server versions 21.3 through 21.11 Description: The issue is related to insufficient input validation in the Oracle Database Sharding component. It allows a high-privileged...

PT-2023-6197 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.20 Oracle Database Server versions 21.3 through 21.11 Description: The issue is related to insufficient input validation in the Database Sharding component of Oracle Database Server. This can be...

CVE-2023-42670

A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes for example,...

CVE-2023-40532

Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial information of the files on the web server...

GitLab Security Breach

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. GitLab suffers from a security vulnerability that stems from the ability to re...

Graylog 路径遍历漏洞

Graylog is a centralized log management solution from Graylog USA. The product supports capturing, storing, and analyzing logs in real time, among other things. Graylog suffers from a path traversal vulnerability that stems from incorrect user input validation and a partial path traversal...

SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-ibm (SUSE-SU-2023:3441-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3441-1 advisory. - IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on th...

VMware Cloud Director 10.5 Partial Compatibility Patch

Intended Audience This hotfix is intended for customers who upgraded to VMware Cloud Director 10.5 and found that backup operations were impacted. Customers who have not yet upgraded to VMware Cloud Director 10.5 are advised to wait for full Cloud Director 10.5 support, which will be available in...

PT-2023-26257 · Saho · Adm100 +1

Name of the Vulnerable Software and Affected Versions: Saho attendance devices ADM100 and ADM-100FP affected versions not specified Description: The issue concerns missing authentication for critical functions, allowing an unauthenticated remote attacker to execute system commands in partial...